Search CVEs

Common Vulnerabilities and Exposures (CVE) is a system for referencing publicly known vulnerabilities by identifiers. The goal of the system is to make it easier to share vulnerability data across stakeholders, including software vendors, tool vendors, security practitioners, and end users.
A
CVE entry
describes a specific known vulnerability. Each CVE entry has an identifier, such as CVE-2020-1234. A
CVE entry
is colloquially known as a
CVE
, and it’s security practitioner parlance for a publicly disclosed vulnerability.

Searching for a specific CVE

You can determine if Prisma Cloud offers coverage for a specific CVE by using the search interface in Console. The CVE ID syntax is:
CVE-YYYY-NNNN
Where:
  • CVE
    --
    CVE-ID prefix.
  • YYYY
    --
    Calendar year.
  • NNNN
    --
    Numeric digits. This field has a variable length, but the minimum length is four digits.
To search for a specific vulnerability:
  1. Open Console, then go to
    Monitor > Vulnerabilities > CVE Viewer
    .
  2. In the query text box in the top right, enter a CVE ID.
    For example, enter
    CVE-2015-1345
    .
    If Prisma Cloud has coverage for the queried vulnerability, details are listed in the results table.

Allow a CVE

Allowing CVEs is done directly as a policy.

Recommended For You